Skip to Main content Skip to Navigation
Conference papers

On-Device Control Flow Verification for Java Programs

Arnaud Fontaine 1 Samuel Hym 1 Isabelle Simplot-Ryl 1 
1 POPS - System and Networking for Portable Objects Proved to be Safe
LIFL - Laboratoire d'Informatique Fondamentale de Lille, Inria Lille - Nord Europe
Abstract : While mobile devices have become ubiquitous and generally multi-application capable, their operating systems provide few high level mechanisms to protect services offered by application vendors against potentially hostile applications coexisting on the device. In this paper, we tackle the issue of controlling application interactions including col- lusion in Java-based systems running on open, constrained devices such as smart cards or mobile phones. We present a model specially designed to be embedded in constrained devices to verify on-device at loading- time that interactions between applications abide by the security policies of each involved application without resulting in run-time computation overheads; this model deals with application (un)installations and policy changes in an incremental fashion. We sketch the application of our ap- proach and its security enhancements on a multi-application use case for GlobalPlatform/Java Card smart cards.
Document type :
Conference papers
Complete list of metadata
Contributor : Isabelle Simplot-Ryl Connect in order to contact the contributor
Submitted on : Thursday, February 3, 2011 - 4:22:27 PM
Last modification on : Thursday, February 24, 2022 - 3:10:16 AM


  • HAL Id : inria-00562611, version 1



Arnaud Fontaine, Samuel Hym, Isabelle Simplot-Ryl. On-Device Control Flow Verification for Java Programs. International Symposium on Engineering Secure Software and Systems (ESSoS 2011), Feb 2011, Madrid, Spain. pp.43--57. ⟨inria-00562611⟩



Record views